diff options
author | Kris Kennaway <kris@FreeBSD.org> | 2000-04-13 06:33:22 +0000 |
---|---|---|
committer | Kris Kennaway <kris@FreeBSD.org> | 2000-04-13 06:33:22 +0000 |
commit | f579bf8ec7713035a231884db9958cdc4ff5d7cf (patch) | |
tree | 85b9c007d5ac1d91a3895eef3fd18d6114b62cc4 /crypto/openssl/doc/crypto/blowfish.pod | |
parent | 97b2ed56f81c44973772e4cf3869f4f70e2b5d78 (diff) | |
download | src-test2-f579bf8ec7713035a231884db9958cdc4ff5d7cf.tar.gz src-test2-f579bf8ec7713035a231884db9958cdc4ff5d7cf.zip |
Notes
Diffstat (limited to 'crypto/openssl/doc/crypto/blowfish.pod')
-rw-r--r-- | crypto/openssl/doc/crypto/blowfish.pod | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/crypto/openssl/doc/crypto/blowfish.pod b/crypto/openssl/doc/crypto/blowfish.pod new file mode 100644 index 000000000000..e0b777418faa --- /dev/null +++ b/crypto/openssl/doc/crypto/blowfish.pod @@ -0,0 +1,109 @@ +=pod + +=head1 NAME + +blowfish, BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, +BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption + +=head1 SYNOPSIS + + #include <openssl/blowfish.h> + + void BF_set_key(BF_KEY *key, int len, const unsigned char *data); + + void BF_encrypt(BF_LONG *data,const BF_KEY *key); + void BF_decrypt(BF_LONG *data,const BF_KEY *key); + + void BF_ecb_encrypt(const unsigned char *in, unsigned char *out, + BF_KEY *key, int enc); + void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, + long length, BF_KEY *schedule, unsigned char *ivec, int enc); + void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, BF_KEY *schedule, unsigned char *ivec, int *num, + int enc); + void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, BF_KEY *schedule, unsigned char *ivec, int *num); + const char *BF_options(void); + +=head1 DESCRIPTION + +This library implements the Blowfish cipher, which is invented and described +by Counterpane (see http://www.counterpane.com/blowfish/ ). + +Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. +It uses a variable size key, but typically, 128 bit (16 byte) keys are +a considered good for strong encryption. Blowfish can be used in the same +modes as DES (see L<des_modes(7)|des_modes(7)>). Blowfish is currently one +of the faster block ciphers. It is quite a bit faster than DES, and much +faster than IDEA or RC2. + +Blowfish consists of a key setup phase and the actual encryption or decryption +phase. + +BF_set_key() sets up the B<BF_KEY> B<key> using the B<len> bytes long key +at B<data>. + +BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish +encryption. They encrypt/decrypt the first 64 bits of the vector pointed by +B<data>, using the key B<key>. These functions should not be used unless you +implement 'modes' of Blowfish. + +BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. +It encrypts or decrypts the first 64 bits of B<in> using the key B<key>, +putting the result in B<out>. B<enc> decides if encryption (B<BF_ENCRYPT>) +or decryption (B<BF_DECRYPT>) shall be performed. The vector pointed at by +B<in> and B<out> must be 64 bits in length, no less. If they are larger, +everything after the first 64 bits is ignored. + +The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() +all operate on variable length data. They all take an initialisation vector +B<ivec> which needs to be passed along into the next call of the same function +for the same message. B<ivec> may be initialised with anything, but the +recipient needs to know what it was initialised with, or it won't be able +to decrypt. Some programs and protocols simplify this, like SSH, where +B<ivec> is simply initialised to zero. +BF_cbc_encrypt() operates of data that is a multiple of 8 bytes long, while +BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable +number of bytes (the amount does not have to be an exact multiple of 8). The +purpose of the latter two is to simulate stream ciphers, and therefore, they +need the parameter B<num>, which is a pointer to an integer where the current +offset in B<ivec> is stored between calls. This integer must be initialised +to zero when B<ivec> is initialised. + +BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It +encrypts or decrypts the 64 bits chunks of B<in> using the key B<schedule>, +putting the result in B<out>. B<enc> decides if encryption (BF_ENCRYPT) or +decryption (BF_DECRYPT) shall be performed. B<ivec> must point at an 8 byte +long initialisation vector. + +BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. +It encrypts or decrypts the bytes in B<in> using the key B<schedule>, +putting the result in B<out>. B<enc> decides if encryption (B<BF_ENCRYPT>) +or decryption (B<BF_DECRYPT>) shall be performed. B<ivec> must point at an +8 byte long initialisation vector. B<num> must point at an integer which must +be initially zero. + +BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. +It uses the same parameters as BF_cfb64_encrypt(), which must be initialised +the same way. + +=head1 RETURN VALUES + +None of the functions presented here return any value. + +=head1 NOTE + +Applications should use the higher level functions +L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> etc. instead of calling the +blowfish functions directly. + +=head1 SEE ALSO + +L<des_modes(7)|des_modes(7)> + +=head1 HISTORY + +The Blowfish functions are available in all versions of SSLeay and OpenSSL. + +=cut + |